The private authentication file (AuthFile or "svpasswd") requires that you supply a password for authenticating each username. The password can be entered as plain text for convenience. But a more secure option is to enter a password hash.

The mkpasswd program, included in the "Server Files" folder, will generate a password hash suitable for the accompanying server platform. You may then copy this hash into the password field of an AuthFile user record. It has the following syntax:

mkpasswd [password]

If you do not include the password on the command line, mkpasswd will securely prompt you to enter it.

mkpasswd does not change your AuthFile. The hash must be copied into the password field of an AuthFile record and the server restarted or reloaded for the new password to take effect.

The Windows version of mkpasswd will generate a 128-bit MD5 hash. As an alternative to running mkpasswd.exe in a command shell, you may also double click on mkpasswd.exe and enter the password when prompted. The hash value will be automatically copied to the Windows clipboard.

paul:3858F62230Ac3c915f300c664312C63f:::C:\Documents and Settings\paul:RestrictHome

Windows servers require MD5 hashes while unix servers require unix crypt hashes. So if you move an AuthFile from a Windows system to a unix system or vice-versa, you must update the password hashes.

The Apache web server's htpasswd utility is also known to generate appropriate password hashes for use with servedat. However, htpasswd should not be used to edit an AuthFile because it will erase all of the fields after the password.